Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: trigger to unsuccessfull login
Hm, yes it seems to be the case. Sorry about misinformation, apparently I
remembered it wrong..
Tanel.
"DA Morgan" <damorgan_at_exesolutions.com> wrote in message
news:3E4D1DF9.B8F5DDF2_at_exesolutions.com...
> Tanel Poder wrote:
>
> > Hello!
> >
> > You could write your own password verify function for Oracle and set it
to
> > all (any) users with PASSWORD_VERIFY_FUNCTION profile option. You could
keep
> > a log in some table - using autonomous transactions.
> >
> > I haven't tried it, but it should work if there's no specific
restrictions
> > during logon.
> >
> > Tanel.
> >
> > "DA Morgan" <damorgan_at_exesolutions.com> wrote in message
> > news:3E4CB6D4.D01A1E83_at_exesolutions.com...
> > > Andris Jancevskis wrote:
> > >
> > > > Hi!
> > > >
> > > > How can I check usuccessfull login attempt?
> > > > I can check time when user lon in with database triger, but it is
> > > > _after_ event. Should I modify trigger SYS_LOGON ?
> > > >
> > > > I don't like to do this.
> > > >
> > > > cheers,
> > > > Andris
> > >
> > > AFAIK unsuccessful attempts can not be trapped inside the database
> > > unless the SYSTEM trigger AFTER SERVERERROR or something like it
catches
> > > them. I haven't really checked.
> > >
> > > I will be very interested in responses that may indicate a means of
> > > doing so other than in the operating system.
> > >
> > > But the reason I have never cared much is that I always alter the
> > > default profile to lock any account after three attempts at the
> > > password. It really makes cracking painfully hard to do and impossible
> > > for a program that tries different combinations. It only gets to try 3
> > > every three days.
> > >
> > > Daniel Morgan
> > >
>
> AFAIK Password Veify Function will control the creation of passwords ...
not
> failed attempts to logon or to hack a system.
>
> Daniel Morgan
>
Received on Sat Feb 15 2003 - 18:48:19 CST